
AppScan Tricks And Tools

About this blog

Forum for those Learning about Leading IBM Application Security Tricks, Scripts and Tools and Kits for AppScan Source for Analysis ...Customizing, Integrating, Sniffing, Snooping and Hijacking your way to joy.


As detailed in my previous post, The AppScan Appliance - Design and Architecture, I noted several components that I consider crucial steps in the development of the AppScan Appliance Proof of Concept. One of the first major milestones will be the creation of a web-based portal where AppScan Source scans can be triggered and the results viewed. Ideally this portal will be the front end for a Continuous Integration environment which itself will be integrated with a Version Control System (VCS) used not only for acquiring the source code... [More]

Here is a pretty funny and/or really serious (depending on your frame of reference) utility that exploits a low-level SMTP vulnerability by design. In effect, this allows one to send an email FROM ANY ADDRESS, as long as the domain doesn't actually exist. That may sound like a tough restriction, but I can testify that anything from a realistic-sounding new division name, theoretically something like myboss@security.us.ibm.com, has a very high potential of being opened. Link to the Utility in a Standalone Executable (with a cool... [More]

This post will be the first in a series dedicated to providing initial support for a very common .NET framework in use today, ASP.NET MVC, specifically version 3.0: http://www.asp.net/mvc/mvc3 The lack of AppScan Source visibility into this framework and any applications built using it was first described in depth in this post by Dinis Cruz: ASP.NET MVC Support in SAST and IBM F4F. Given that there currently is no WAFL support, i.e. a WAFL Generator has not yet been created to identify the various constructs that need WAFL rules... [More]

The AppScan Appliance – Proof Of Concept Architecture and Application Security Process
Following some great feedback I received on my previous post regarding the concept of an AppScan Security Appliance, How The Mainframe Can Transform Application Security, I want to further define a potential high-level architecture along with a set of processes for integration into the application development life cycle. The goal here is to start down the path towards a Proof Of Concept, including a prototype, in order to demonstrate what I believe will... [More]

In his recent post on obtaining the various installation packages for a complete installation of the AppScan product suite: AppScan Eval Downloads and What is What Dinis makes a good point about the confusion that one can encounter when moving from earlier versions (pre-8.5) of AppScan Source and AppScan Enterprise to 8.6.x and does a pretty solid job of explaining the line in a bit more detail. To help out with his one point of confusion, regarding the Dynamic Analysis module, I gave him a bit of an insider explanation, which may be useful... [More]

** Re-posting this entry from the Message Board **
IBM Security Systems Has All The Artillery To Dominate the Security Battlefield. It just needs to be deployed properly.
Some factors that may explain the current state of application security maturity [extremely low]: Development organizations continue to lack the necessary security training and processes to translate 'security requirements' into a secure design with appropriate unit tests. The intense pace of development of new technologies and the migration of... [More]

Difficult to present Findings with Disconnected Data-Flows
Any time I've found myself faced with a real-world web application, scanning and presenting the AppScan Source Edition Findings, I always arrive at the point at which I have Triaged, Analyzed, Filtered and otherwise massaged the raw results into the 'data-flow pieces', which in totality represent the true vulnerabilities that I've found. The most difficult part of this exercise is then to construct [for the results consumer] a realistic picture of what an actual round trip of... [More]

An Easy Way To View AppScan Source Findings from Multiple .ozasmt Files
For many years now, I have been dealing with the tens of thousands of Findings that are generated from an average-size web application scanned with AppScan Source Edition. Although there have been numerous improvements to the user interface and the Findings representation to accommodate the huge amount of data that is necessarily generated, I find that my approach to static analysis (I want Millions of Findings, i.e. ALL Possible Traces) demands that multiple... [More]